Joomla! There create an account/privilege elevation vulnerability please update-vulnerability warning-the black bar safety net

2016-10-26T00:00:00
ID MYHACK58:62201680555
Type myhack58
Reporter 佚名
Modified 2016-10-26T00:00:00

Description

Vulnerability description Account creation the Account Creation) Affected version: 3.4. 4 to 3. 6. 3 Report Date: 2 0 1 6 years 1 0 months 1 No. 8 Fix the date: 2 0 1 6 years 1 0 month 2 5 Number CVE number: CVE-2 0 1 6-8 8 7 0 Description: not strictly check the Allow users on the site does not allow registration when registering an account Repair recommendations: upgrade to Joomla! 3.6.4 version Elevation of Privilege(Elevated Privileges) Affected version: 3.4. 4 to 3. 6. 3 Report Date: 2 0 1 6 years 1 0 months 1 No. 8 Fix the date: 2 0 1 6 years 1 0 month 2 5 Number CVE number: CVE-2 0 1 6-8 8 6 9 Description: inappropriate use of non-strict data lead to the registered account can be elevated permissions Repair recommendations: upgrade to Joomla! 3.6.4 version Security client representation will continue to focus on the vulnerability and promptly follow up the latest information. 2 No. 5 Joomla! The official announcement Joomla! 3.6.4 is now available for download. This is a 3. x version of the security update. Fixes 2 critical security issues and a two-factor authentication bug. We strongly recommend that you immediately update your website. And Joomla! 3.6. 3 compared to this version only fixes 2 security issues and 1 two-factor authentication bug, no other of any change. 2 No. 1 Joomla! The official announcement On 1 0 March 2 5, 1 4:0 0 UTC time of about 2 2:0 0 will be released Joomla! 3.6.4 version contains an important security fix, and Joomla! The Strike Team security team(JSST)previously received on the security notification. This is a very important security fix, please next Tuesday ready to update your Joomla! to. Please understand that we, until this version is released, we will not disclose about the vulnerability of any information.